Create VPC Flow Logs QuickSight Analysis Dashboard

To manage VPC Flow Logs and QuickSight dashboard in central account please make sure you create resources for the central account in the region supported by QuickSight. Refer to this link to see supported regions.

Create QuickSight Dataset and Dashboard

We will now create the data sets in QuickSight from the Athena view and an analysis dashboard. All the steps from this section are required to execute one time in central account.

  1. Login to your central AWS account.

  2. Run CloudFormation stack to create QuickSight Athena dataset and a Dashboard.

  • Download CloudFormation Template:

    CSV file format - vpc_flowlogs_quicksight_template.yaml

    OR

    Parquet file format - vpc_flowlogs_quicksight_multi_view_template.yaml

  • From AWS Console navigate to CloudFormation. Then click on Create stack Images/quicksight_dashboard_dt-8.png

  • Create stack page:

    1. In Specify template section, select Upload a template file.

    2. Then Choose File and upload the appropriate template below (you have downloaded previously)

      CSV file format: vpc_flowlogs_quicksight_template.yaml

      OR

      Parquet file format: vpc_flowlogs_quicksight_multi_view_template.yaml

    3. Then Click Next

    Images/quicksight_dashboard_dt-9.png

  1. In Specify stack details page:

    1. Provide unique stack name e.g. VPCFlowLogsQuickSightStack-01

    2. QuickSightUserArn: You will need to provide ARN so that you will get permission to access the dashboard

      • Run below command in AWS Cloudshell after replcing <your account id> with central AWS account id and <your region> with region where QuickSight user is created. Copy the arn from response as shown in screenshot below.

        aws quicksight list-users --aws-account-id <your account id> --namespace default --region <your region>

        Example Response screenshot:

        Images/qs-vpcfl-qs-02.png

    3. VpcFlowLogsAthenaDatabaseName: This is required as QuickSight dataset will be created on this database

  • Click Next Images/qs-vpcfl-qs-02.png

  1. Add tags Name=VPCFlowLogs-QuickSight-Stack and Purpose=WALabVPCFlowLogs. Keep rest of the selections to default vaules. Then Click Next Images/quicksight_dashboard_dt-11.png

  2. Review the Stack parameters Images/qs-vpcfl-qs-03.png

  3. Then, click on Create Stack Images/qs-vpcfl-qs-04.png

  4. You will see the progress of the stack creation under Events tab as below. Please wait for the stack to complete the execution. Once complete it will show the status CREATE_COMPLETE in green against stack name, then proceed to the next step. Images/qs-vpcfl-qs-05.png

  5. From AWS console navigate to the QuickSight and click on Dashboards link on the left panel.

  6. You will see the newly created dashboard in QuickSight under Dashboards, click on the Dashboard name VPC Flow Logs Analysis Dashboard integrated with AWS VPC Service: Images/qs-vpcfl-27.png

  7. Click Share, click Share dashboard:, Images/qs-vpcfl-28.png

  8. Click on Manage dashboard access: Images/quicksight_dashboard_8.png

  9. Add the required users, or share with all users, ensure you check Save as for each user, then click the x to close the window: Images/quicksight_dashboard_9.png

  10. Click Save as: Images/qs-vpcfl-31.png

  11. Enter an Analysis name and click Create: Images/qs-vpcfl-32.png

Perform steps 11 - 15 above to create additional analyses for other teams, this will allow each team to have their own customizable analysis.

  1. You will now have an analysis created from the template that you can edit and modify: Images/qs-vpcfl-analysis.png